To ask the Secretary of State for Health pursuant to the Written Ministerial Statement of 25 June 2008, Official Report, columns 25-27WS, on data handling procedures, if he will commission a privacy impact assessment for the NHS Spine database project. (222208)

This matter has been carefully considered, but we do not believe that such an assessment would serve any useful purpose at this stage of the project.

The aim of a privacy impact assessment is to ensure that privacy is considered at every stage of a project involving the handling of information, and that action is taken to mitigate against identified risks to the privacy of individuals. While this is clearly a useful tool for many projects where these matters might otherwise be neglected, the need to safeguard privacy and confidentiality is a necessary deliverable of any health record system, and the management of risk in this area has been a core deliverable of the national health service care records service (the spine project).

The security safeguards around access to patient data held within the new care records will provide an unprecedented level of assurance compared with existing electronic and paper systems. The Department has also produced what we believe is the most comprehensive privacy statement of any public service in the form of the NHS care record guarantee for England, setting out 12 commitments the NHS. makes to patients in order to protect their confidentiality.

The Information Commissioner has confirmed that, properly deployed, the new systems have the potential to allow the NHS to better meet the various informational and privacy challenges which it faces than the systems currently in existence, and that he is content with the general approach being taken with the care records service.